In this episode of The Gate 15 Interview, Andy Jabbour speaks with Gary Warner, Director of Research in Computer Forensics’ for the University of Alabama at Birmingham (UAB) and the Director of Threat Intelligence for DarkTower. From his LinkedIn bio, “Gary is the ‘Director of Research in Computer Forensics’ for the University of Alabama at Birmingham (UAB). In this role, which brings together the Computer Science and Criminal Justice departments, he is concentrating on research that will help law enforcement and other security professionals to identify, apprehend, prosecute and convict those who are committing cybercrime, and spread information to victims and potential victims about cybercrime issues. 90 analysts and programmers work in the UAB Computer Forensics Lab building tools and providing intelligence for a variety of clients around Cybercrime, Fraud, and Terrorism, as well as the Social Media aspects of more traditional crimes, including Gang Activity and Transnational Drug Networks. In addition to his duties at UAB, Warner serves as the Director of Threat Intelligence for DarkTower, a subsidiary of Queen Associates in Charlotte, North Carolina. Gary Warner was the founding president of the Birmingham InfraGard chapter, and has served as secretary and member of the board of the InfraGard National Members Alliance, among other roles.

Read more on LinkedIn. Gary on Twitter: @GarWarner. Gary’s blog: CyberCrime & Doing Time; A Blog about Cyber Crime and related Justice issues. “Malware analysis is a team sport” – Gary Warner, on information sharing, during our podcast recording In the discussion we address:

• Gary’s backstory and the work he’s doing today

• Information sharing and the value of plugging into information sharing communities

• The great work being done by the FBI and CISA

• The importance of knowing your competition, China, Russia, and ongoing threats

• Some of Gary’s go-to resources

• Gary talks about haikus, Talking Heads, GarBot, birdwatching, and more! “CISA, it's a new era of info sharing in the government” before giving some shout outs to CISA’s first Director, Chris Krebs, and current Director, Jen Easterly

A few references mentioned in or relevant to our discussion include:

• CISA’s Known Exploited Vulnerabilities Catalog (KEVC), something Gate 15’s Jen Walker raves about often, including in our recent Risk Roundtable: The Risk Roundtable EP 27: Don’t let bias guide your preparedness (07 Mar 22). https://www.cisa.gov/known-exploited-vulnerabilities-catalog

• Gary discussed this event: Justice Department Announces Court-Authorized Effort to Disrupt Exploitation of Microsoft Exchange Server Vulnerabilities (13 Apr 21) https://www.justice.gov/opa/pr/justice-department-announces-court-authorized-effort-disrupt-exploitation-microsoft-exchange

• BITNET https://bit.net

• FBI SENTINEL System https://www.fbi.gov/services/information-management/foipa/privacy-impact-assessments/sentinel

• Intellipedia https://en.wikipedia.org/wiki/Intellipedia

• REN-ISAC https://www.ren-isac.net

• Gary’s four CISA “must watch” sites from the CISA cyber landing page:

o Current activity: https://www.cisa.gov/uscert/ncas/current-activity

o Alerts: https://www.cisa.gov/uscert/ncas/alerts

o Bulletins: https://www.cisa.gov/uscert/ncas/bulletins

o Analysis: https://www.cisa.gov/uscert/ncas/analysis-reports

• Gary strongly encouraged listeners to check CISA Director Jen Easterly’s “about” section in her LinkedIn profile to understand why she is so excellently qualified to be the woman leading CISA today (something Chris Krebs, her predecessor at CISA agrees with)